Section 215 allows the government to apply to and obtain orders from a secret court, the Foreign Intelligence Surveillance Court. Those secret, classified orders can require businesses, like ISPs or phone companies, to turn over "any tangible thing" relevant to a foreign intelligence or terrorism investigation. According to the Washington Post, 80% of those orders are for internet records. A 215 Order also gags the recipient -- that is, the order specifically prohibits the company from ever disclosing the fact that the order was received.

And that's just what the text of Section 215 says. Elected officials briefed on the way the government has interpreted and used the section claim that there are really two Section 215's: one consistent with the language of the statute, and one that has stretched and expanded the section's plain meaning through secret court opinions and secret DOJ legal interpretations. Senators Ron Wyden and Mark Udall have repeatedlywarned about the government's secret use of 215 and have publicly called on the DOJ and the secret court to make those interpretations public.

Yet given the opportunity, the DOJ has repeatedly refused to do so. Yesterday, the DOJ was given another perfect chance: it was required by a court order to produce records responsive to our FOIA request, including information on the government's secret use and interpretation of the provision. But instead of producing information on that Section 215 -- the one Senators have warned us about and the reason behind our request in the first place -- the DOJ produced records related to the other 215 -- the one we can understand from reading the statute.

Admittedly, this was only the first release in a series of court ordered responses to our request, but -- if recent practice is any guide -- EFF will have a tough fight ahead in prying the secret interpretation from DOJ.

Three documents released yesterday underscore the secrecy the goverment employs in all aspects of Section 215. While the documents don't shed light on the government's secret legal interpretation of the section, they do reflect the overly secretive and coercive process surrounding Section 215 generally. As noted above, 215 orders are classified court orders. When an order is issued to a large phone company or an ISP, those large companies have employees with government security clearances who are "cleared" to receive the classified order. However, when DOJ sends an order to a smaller company, it's less likely that an employee will have the clearance to receive it, and the FBI has to use a special process to serve the order. These three documents lay out that process.

The process, described in the first two documents, includes doing a background check on the company employee before serving them with the order; then, the FBI allows the person to read the order and take notes on the information they are forced to turn over, but the employee can't even keep the order itself; the employee can share it with an attorney only after the FBI does a background check on the attorney, too; and, once the company fulfills the order, the FBI comes back and takes the employee's notes.

Imagine you work for a small phone company: one day, the FBI shows up and says, "We need to talk. We've already investigated and cleared you. We need this information in the interest of national security. Telling anyone about this is a federal crime." They then tell you to read the document and take notes (probably reminding you they'll be back to get the notes later). Then, they make you sign something (non-disclosure agreements and the last document posted above, a "custodial trust agreement"), agreeing to the terms they've laid out. The trust agreement doesn't even inform the recipient of their right to challenge the order, and it only obliquely mentions that an attorney can read the order (only, of course, if the FBI "clears" that attorney, too). Naturally, the trust agreement concludes with a reminder that disclosure may be a federal crime.

Given a coercive and intimidating scenario like this (and the cozy relationship the DOJ enjoys with the major ISPs and telcos), it's no wonder we know of no challenges to a 215 order by a company served with one. And this is a problem with the "regular" Section 215, the one we already know about and, largely, understand. In fact, this type of secrecy is not even a problem unique to this provision. Nevertheless, there's still another 215 -- a secret one -- that the government has refused to disclose any information about. It's one that elected officials have decried for years, and the DOJ has continued to hide, all in the name of national security.

Public officials have a duty to protect the national security; but they also have a duty to uphold and act consistently with federal laws and the Constitution. Too often, and even unintentionally, zeal for the former duty can overtake or blur the latter. When the government hides legal interpretations in the name of "national security," it necessarily calls into question the fidelity to the law and Constitution of those interpretations and the actions that they sanction. "Trust us" is a government justification that has not served the American public well in the past.

We hope DOJ can see the (sun)light on this issue and release the secret legal interpretations it uses to justify its surveillance. Until then, EFF will continue to see the government in court, fighting for those interpretations to be released.

Related Updates

Lt. Gen. Paul Nakasone, the new nominee to direct the NSA, faced questions Thursday from the Senate Select Committee on Intelligence about how he would lead the spy agency. One committee member, Senator Ron Wyden (D-OR), asked the nominee if he and his agency could avoid the mistakes of...

It’s Argentina's turn to take a closer look at the practices of their local Internet Service Providers, and how they treat their customers’ personal data when the government comes knocking. Argentina's ¿Quien Defiende Tus Datos? (Who Defends Your Data?) is a project of Asociación por los Derechos Civiles and the...

It’s Argentina's turn to take a closer look at the practices of their local Internet Service Providers, and how they treat their customers’ personal data when the government comes knocking. Argentina's ¿Quien Defiende Tus Datos? (Who Defends Your Data?) is a project of Asociación por los Derechos Civiles and the...

There’s a new, proposed backdoor to our data, which would bypass our Fourth Amendment protections to communications privacy. It is built into a dangerous bill called the CLOUD Act, which would allow police at home and abroad to seize cross-border data without following the privacy rules where the data is...

EFF and 23 other civil liberties organizations sent a letter to Congress urging Members and Senators to oppose the CLOUD Act and any efforts to attach it to other legislation. The CLOUD Act (S. 2383 and H.R. 4943) is a dangerous bill that would tear away global privacy...

The Supreme Court of India has commenced final hearings in the long-standing challenge to India's massive biometric identity apparatus, Aadhaar. Following last August’s ruling in the Puttaswamy case rejecting the Attorney General's contention that privacy was not a fundamental right, a five-judge bench is now weighing in on...

We need to talk about national security secrecy. Right now, there are two memos on everyone’s mind, each with its own version of reality. But the memos are just one piece. How the memos came to be—and why they continue to roil the waters in Congress—is more important. On January...

Today Google launched a new version of its Chrome browser with what they call an "ad filter"—which means that it sometimes blocks ads but is not an "ad blocker." EFF welcomes the elimination of the worst ad formats. But Google's approach here is a band-aid response to the crisis of...

The U.S. Department of Homeland Security (DHS), Customs and Border Protection (CBP) Privacy Office, and Office of Field Operations recently invited privacy stakeholders—including EFF and the ACLU of Northern California—to participate in a briefing and update on how the CBP is implementing its Biometric Entry/Exit Program.
As we’ve written ...